Report - tygry.clan.su

Report Overview

Visited public
2025-03-07 21:20:08
Tags
Submit Tags
URL
tygry.clan.su
Finishing URL
tygry.clan.su/
IP / ASN
213.174.157.140
#39572 DataWeb Global Group B.V.
Title
404 - Unable to load website

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
tygry.clan.su	unknown	2006-03-08	2025-03-07	2025-03-07	3.1 kB	84 kB	213.174.157.140
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-03-05	442 B	94 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-03-07 21:19:49	medium	Client IP	213.174.157.140	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
2025-03-07 21:19:49	medium	Client IP	213.174.157.140	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
2025-03-07 21:19:50	medium	Client IP	213.174.157.140	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
2025-03-07 21:19:50	medium	Client IP	213.174.157.140	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
2025-03-07 21:19:50	medium	Client IP	213.174.157.140	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
2025-03-07 21:19:50	medium	Client IP	213.174.157.140	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
2025-03-07 21:19:50	medium	Client IP	213.174.157.140	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	tygry.clan.su/.serr/js/core.js	ScriptElement	414 B	2023-03-07	2025-07-15
Pretty URL tygry.clan.su/.serr/js/core.js IP 213.174.157.140 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-07-15 13:26 Times Seen127 Hash 5701bc484b705ef62821a39f29742cba 2da3dc6a488db5812f1911bf96888a4c7aaf436f 80053729721b15fe8667def4e6270e156043789e01f7ec35defae93933274493 Loading...

	tygry.clan.su/	ScriptElement	1.1 kB	2025-03-07	2025-07-15
Pretty URL tygry.clan.su/ IP 213.174.157.140 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-07 21:20 Last Seen2025-07-15 13:26 Times Seen24 Hash b76f6475bf1bfe827fb51ac88ecfcb08 2b393b1792c5a25d922b3e2347d5c599b0d6e437 96a0cb28b0d55ebb4fb9f1c2247ea52746b71b2c3d2e4577053c61aff269e1bf Loading...

	tygry.clan.su/	ScriptElement	849 B	2025-03-07	2025-06-24
Pretty URL tygry.clan.su/ IP 213.174.157.140 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-07 21:20 Last Seen2025-06-24 21:13 Times Seen7 Hash 910e9d40d830599b833d7c45bd212177 50f2575b4df51b1b279f7206eb75f557e949e3f9 e6f185dc7612fac242f8ccb678720d288512bd02197306bd8fb61ba88afcb999 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js	ScriptElement	93 kB	2023-03-07	2025-07-16
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 03:10 Times Seen11294 Hash e0e0559014b222245deb26b6ae8bd940 e2f3603e23711f6446f278a411d905623d65201e 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Loading...

HTTP Transactions (9)

URL IP Response Size

GET tygry.clan.su/

213.174.157.140

404 Not found

5.9 kB

URL User Request GET
tygry.clan.su/
IP
213.174.157.140:443
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerGlobalSign nv-sa
Subject*.clan.su
FingerprintAA:26:1E:58:EC:49:21:55:61:01:8F:8F:FB:2A:00:2D:89:F3:95:18
ValidityMon, 21 Oct 2024 12:42:53 GMT - Sat, 22 Nov 2025 12:42:52 GMT

File type
HTML document, ASCII text, with very long lines (6705), with no line terminators
Size
5.9 kB (5940 bytes)
Hash
dd899a7edfbe15e767cc6a5029af2016
fad09af7085f3cab792fd292107eeea39a0200b0
22f995455ebbdca6f56728c810c06663cac8e14d070958eef617130c7a01f6af

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

HTTP Headers

GET / HTTP/1.1
Host: tygry.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not found
Server: nginx
Date: Fri, 07 Mar 2025 21:19:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store
Pragma: no-cache
Vary: host
Content-Encoding: gzip

GET tygry.clan.su/.serr/img/eyes.png

213.174.157.140

200 OK

3.3 kB

URL GET
tygry.clan.su/.serr/img/eyes.png
IP
213.174.157.140:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://tygry.clan.su/

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced
Size
3.3 kB (3288 bytes)
Hash
61ecb4143b3582b11f3b5cd1503d9d4e
04fdc163629c4cd8aac7f237e21a8f27b96624ab
a7b92bb840e66c0f1b47e8b5cd5fab170935dab76fdc9a7264b5fefe57a39c6b

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

HTTP Headers

GET /.serr/img/eyes.png HTTP/1.1
Host: tygry.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://tygry.clan.su/.serr/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Mar 2025 21:19:50 GMT
Content-Type: image/png
Content-Length: 3288
Last-Modified: Wed, 20 Nov 2024 09:24:21 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "673daac5-cd8"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

GET tygry.clan.su/.serr/img/favicon.ico

213.174.157.140

404 Not Found

7.3 kB

URL GET
tygry.clan.su/.serr/img/favicon.ico
IP
213.174.157.140:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://tygry.clan.su/

File type
HTML document, ASCII text, with very long lines (7597), with no line terminators
Size
7.3 kB (7274 bytes)
Hash
4481fc27da4a76d8c91bc1fa42e4312e
fc5b22b73087585178649b1b24c34bf08b69a050
a2ed9bd194007a6384aee42679867eccd6e823910e2939218483f5ea45c64c10

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

HTTP Headers

GET /.serr/img/favicon.ico HTTP/1.1
Host: tygry.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://tygry.clan.su/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 07 Mar 2025 21:19:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip

GET tygry.clan.su/.serr/img/nofound.png

213.174.157.140

200 OK

35 kB

URL GET
tygry.clan.su/.serr/img/nofound.png
IP
213.174.157.140:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://tygry.clan.su/

File type
PNG image data, 294 x 240, 8-bit/color RGB, non-interlaced
Size
35 kB (34722 bytes)
Hash
cfd5b3c7df2dea454f19c96505e74905
02a66f5ce373921d2d065377fd3c9f1045cf5d99
a160c19e07bb27c7e3b95153c6392bf6664398fb2cf57f12c386bc7a8d43e551

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

HTTP Headers

GET /.serr/img/nofound.png HTTP/1.1
Host: tygry.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://tygry.clan.su/.serr/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Mar 2025 21:19:50 GMT
Content-Type: image/png
Content-Length: 34722
Last-Modified: Wed, 20 Nov 2024 09:24:21 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "673daac5-87a2"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

GET tygry.clan.su/

213.174.157.140

404 Not found

5.9 kB

URL User Request GET
tygry.clan.su/
IP
213.174.157.140:80
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document, ASCII text, with very long lines (6705), with no line terminators
Size
5.9 kB (5940 bytes)
Hash
dd899a7edfbe15e767cc6a5029af2016
fad09af7085f3cab792fd292107eeea39a0200b0
22f995455ebbdca6f56728c810c06663cac8e14d070958eef617130c7a01f6af

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

HTTP Headers

GET / HTTP/1.1
Host: tygry.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not found
Server: nginx
Date: Fri, 07 Mar 2025 21:19:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store
Pragma: no-cache
Vary: host
Content-Encoding: gzip

GET tygry.clan.su/.serr/css/style.css

213.174.157.140

200 OK

20 kB

URL GET
tygry.clan.su/.serr/css/style.css
IP
213.174.157.140:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://tygry.clan.su/

File type
ASCII text, with CRLF line terminators
Size
20 kB (19493 bytes)
Hash
98a90bc50f0b53842d1863fec51697fa
2e39243745ccb62e77a2fa92357f703619aba6d8
6fcbe05fd7251ea2506caecbb12812dc2273ceb231a3182aeee4124b0165d9ef

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

HTTP Headers

GET /.serr/css/style.css HTTP/1.1
Host: tygry.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://tygry.clan.su/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Mar 2025 21:19:49 GMT
Content-Type: text/css
Last-Modified: Wed, 20 Nov 2024 09:24:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"673daac5-4c25"
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

GET ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

142.250.74.74

200 OK

93 kB

URL GET
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://tygry.clan.su/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintF1:11:17:AF:9C:89:34:EE:D5:CB:84:40:84:EA:01:19:A9:F6:ED:C2
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT

File type
JavaScript source, ASCII text, with very long lines (32072)
Size
93 kB (93100 bytes)
Hash
e0e0559014b222245deb26b6ae8bd940
e2f3603e23711f6446f278a411d905623d65201e
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

HTTP Headers

GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://tygry.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 10:29:30 GMT
expires: Fri, 06 Mar 2026 10:29:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 125419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET tygry.clan.su/.serr/js/core.js

213.174.157.140

200 OK

414 B

URL GET
tygry.clan.su/.serr/js/core.js
IP
213.174.157.140:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://tygry.clan.su/

File type
JavaScript source, ASCII text, with very long lines (426), with no line terminators
Size
414 B (414 bytes)
Hash
bf9f588adfca82d56aa2d792594479ed
7ea513e405b27d8b84c50f09327a1c3fca118c01
45f77c7b2254b5712f6b2c4eb78455d36c3866015677e19963cb1fb74d6f9dfc

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

HTTP Headers

GET /.serr/js/core.js HTTP/1.1
Host: tygry.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://tygry.clan.su/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Mar 2025 21:19:50 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 414
Last-Modified: Wed, 20 Nov 2024 09:24:21 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "673daac5-19e"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

GET tygry.clan.su/.serr/img/ulogo.svg

213.174.157.140

200 OK

4.2 kB

URL GET
tygry.clan.su/.serr/img/ulogo.svg
IP
213.174.157.140:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://tygry.clan.su/

File type
SVG Scalable Vector Graphics image
Size
4.2 kB (4235 bytes)
Hash
f2d243141d91f87497755afbf7e31a3a
a7913ab81edb7dd56bf3bbd852d14547a4fa62bd
e60e7ad49cda1b6352774022dc9c4368275c546fd5390e64e9fe574a684113e5

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

HTTP Headers

GET /.serr/img/ulogo.svg HTTP/1.1
Host: tygry.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://tygry.clan.su/.serr/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Mar 2025 21:19:50 GMT
Content-Type: image/svg+xml
Content-Length: 4235
Last-Modified: Wed, 20 Nov 2024 09:24:21 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "673daac5-108b"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (9)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN